NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
m4300-24x: strange ARP forwarding effect
Hi all, seems I cannot get to the bottom of this by myself, although I stripped my config to (what I feel is) minimum: - M4300-24x 10G switch - on one port, I have a (newly attached) server,...
Update:
I had tried rebooting and updating the switches to the latest software level (12.0.9.3), just in case... but that didn't help.
Running out of ideas, I broke up the redundant LACP connection of the existing server - and to my suprise, everything started to work.
The network setup is as follows:
- existing server connected to two M4300-24X (stacked) via two 10G links, LACP, hash mode 7
interface lag 12 port-channel load-balance 7 mtu 9216 switchport mode trunk switchport trunk native vlan 190 switchport trunk allowed vlan 7,100,190-193,300-301,1100-1199
server is running a "virtual VLAN interface" on VLAN 7, and has dhcpd and TFPT daemon listening on that interface
- new server connected to same two M4300-24X (stacked) via two 10G links (indended: LACP, hash mode 7)
- because of the problems, the LAG was de-configured, only one link is currently active, without LACP
interface 1/0/8 vlan pvid 7 vlan participation exclude 1 vlan participation include 7
new server is to PXE-boot via this interface
- DHCP from new server to existing works, but when TFTP is tried, the PXE code reports "ARP timeout"
- tracing via a mirror port for 1/0/8 (new server's port), I can see the ARP requests being sent out by the new server
- tracing via tcpdump on the existing server and other machines on VLAN 7, I only see the DHCP packets (both requests and responses), but no indication of the ARP requests from the new server
- if I take down one of the two LAG interfaces of the existing server (I chose the on on module 2, so both existing and new server are active on the same switch), communications work as expected.
As described in my first post, I had also tested via ICMP echo requests by booting an OS on the new server and testing manually... with redundant LAG for the existing server, packets from the new server to the existing server (both ARP requests and ICMP) were only seen once I had pinged in the reverse direction (existing to new server, or to *any* IP on VLAN 7). With only the single link in the existing server's LAG, this test also worked as expected (ARP from new to exisiting server work without any prior traffic from the existing node.
I'll have to dig into this much deeper, but if this does ring a bell for anyone here, I'd really appreciate any idea or pointer.
Best regards,
Jens
Seems I'm not the only one affected by this - I received a message from another Netgear user reporting similar problems.
We're ran into more similar situations (it was reported to me by an admin "host cannot ping, but one I pinged from the other side, even the original ping started to work") and we're facing "obscure" connectivity problems (where connections are reported to run into time-outs by applications, when trying to talk to some service). All this on v12.0.9.3, so "latest firmware".
Anybody else using LACP links across multiple M4300 (stacked) switches, facing similar symptoms?
Regards,
J
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
